OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file contains the validation tests for the sandbox. | 5 // This file contains the validation tests for the sandbox. |
6 // It includes the tests that need to be performed inside the | 6 // It includes the tests that need to be performed inside the |
7 // sandbox. | 7 // sandbox. |
8 | 8 |
9 #include <shlwapi.h> | 9 #include <shlwapi.h> |
10 | 10 |
(...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
105 runner.RunTest( | 105 runner.RunTest( |
106 L"OpenKey HKLM " | 106 L"OpenKey HKLM " |
107 L"\"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon\"")); | 107 L"\"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon\"")); |
108 } | 108 } |
109 | 109 |
110 // Tests that the permissions on the Windowstation does not allow the sandbox | 110 // Tests that the permissions on the Windowstation does not allow the sandbox |
111 // to get to the interactive desktop or to make the sbox desktop interactive. | 111 // to get to the interactive desktop or to make the sbox desktop interactive. |
112 TEST(ValidationSuite, TestDesktop) { | 112 TEST(ValidationSuite, TestDesktop) { |
113 TestRunner runner; | 113 TestRunner runner; |
114 runner.GetPolicy()->SetAlternateDesktop(true); | 114 runner.GetPolicy()->SetAlternateDesktop(true); |
| 115 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); |
115 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"OpenInteractiveDesktop NULL")); | 116 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"OpenInteractiveDesktop NULL")); |
116 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"SwitchToSboxDesktop NULL")); | 117 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"SwitchToSboxDesktop NULL")); |
117 } | 118 } |
118 | 119 |
119 // Tests that the permissions on the Windowstation does not allow the sandbox | 120 // Tests that the permissions on the Windowstation does not allow the sandbox |
120 // to get to the interactive desktop or to make the sbox desktop interactive. | 121 // to get to the interactive desktop or to make the sbox desktop interactive. |
121 TEST(ValidationSuite, TestAlternateDesktop) { | 122 TEST(ValidationSuite, TestAlternateDesktop) { |
122 base::win::Version version = base::win::GetVersion(); | 123 base::win::Version version = base::win::GetVersion(); |
123 if (version < base::win::VERSION_WIN7) | 124 if (version < base::win::VERSION_WIN7) |
124 return; | 125 return; |
125 | 126 |
126 TestRunner runner; | 127 TestRunner runner; |
127 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"EnumAlternateWinsta NULL")); | 128 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"EnumAlternateWinsta NULL")); |
128 | 129 |
129 wchar_t command[1024] = {0}; | 130 wchar_t command[1024] = {0}; |
130 runner.SetTimeout(3600000); | 131 runner.SetTimeout(3600000); |
131 runner.GetPolicy()->SetAlternateDesktop(true); | 132 runner.GetPolicy()->SetAlternateDesktop(true); |
132 runner.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_UNTRUSTED); | 133 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); |
133 base::string16 desktop_name = runner.GetPolicy()->GetAlternateDesktop(); | 134 base::string16 desktop_name = runner.GetPolicy()->GetAlternateDesktop(); |
134 desktop_name = desktop_name.substr(desktop_name.find('\\') + 1); | 135 desktop_name = desktop_name.substr(desktop_name.find('\\') + 1); |
135 wsprintf(command, L"OpenAlternateDesktop %lS", desktop_name.c_str()); | 136 wsprintf(command, L"OpenAlternateDesktop %lS", desktop_name.c_str()); |
136 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); | 137 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); |
137 } | 138 } |
138 | 139 |
139 // Tests if the windows are correctly protected by the sandbox. | 140 // Tests if the windows are correctly protected by the sandbox. |
140 TEST(ValidationSuite, TestWindows) { | 141 TEST(ValidationSuite, TestWindows) { |
141 TestRunner runner; | 142 TestRunner runner; |
142 wchar_t command[1024] = {0}; | 143 wchar_t command[1024] = {0}; |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
232 TEST(ValidationSuite, TestMemoryNoLimit) { | 233 TEST(ValidationSuite, TestMemoryNoLimit) { |
233 TestRunner runner; | 234 TestRunner runner; |
234 wchar_t command[1024] = {0}; | 235 wchar_t command[1024] = {0}; |
235 const int kAllocationSize = 256 * 1024 * 1024; | 236 const int kAllocationSize = 256 * 1024 * 1024; |
236 | 237 |
237 wsprintf(command, L"AllocateCmd %d", kAllocationSize); | 238 wsprintf(command, L"AllocateCmd %d", kAllocationSize); |
238 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(command)); | 239 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(command)); |
239 } | 240 } |
240 | 241 |
241 } // namespace sandbox | 242 } // namespace sandbox |
OLD | NEW |